Location layer

[Dave Birch] I recently gave a talk about using mobile phones as carriers of identity "cards", pointing out the kind of functionality that such an implementation could deliver into the hands of citizens and consumers. I'd used Neil McEvoy's "identity as utility" as the paradigm and demonstrated, I think, that the mobile phone is (for the time being) the most logical means to implement national-scale solutions. Caspar Bowden of Microsoft was in the audience and — as I always genuinely appreciate — asked me a couple of tough questions that I've been reflecting on. One of them concerned the relationship between security and privacy in an environment where the connection layer not only knows who the users are, but where they are at all times. This, Caspar reasoned, means that any implementation that tries to use privacy-enhancing technologies at a higher layer will necessarily be confounded, since trivial data matching in mobile phone records or ISP records will deliver an accurate record of both where you were and who you were talking to. This is, of course, correct. As Ben Laurie has so clearly pointed out, unless the connection layer is anonymous, nothing else matters. Uh oh…

A United Nations agency is quietly drafting technical standards, proposed by the Chinese government, to define methods of tracing the original source of Internet communications and potentially curbing the ability of users to remain anonymous. The U.S. National Security Agency is also participating in the "IP Traceback" drafting group, named Q6/17, which is meeting next week in Geneva to work on the traceback proposal. Members of Q6/17 have declined to release key documents, and meetings are closed to the public.

[From U.N. agency eyes curbs on Internet anonymity | Politics and Law – CNET News]

Shouldn't there be some kind of informed public debate about this kind of thing? (If you want to read up, start with the document that Robin Wilton pointed me to at the ITU.) This isn't a bit of irrelevant geekery on the margins of society; it's a fundamental issue, a fundamental bound on the development of communications.

Fingers in the dyke

[Dave Birch] Over on the Digital Money Blog, we’ve been talking about the well-known MiFare security issue. We’re interested in it over there because MiFare is used for things such as Oyster cards and there’s an overlap between contactless cash replacement and contactless transit systems. From this frame of reference, the security issue is interesting and it needs to be factored into system procurement, card updates and that kind of thing. No-one is going to implement an electronic purse system using MiFare Classic, so the sky isn’t falling in. So, the guys are saying, well, next time we buy some cards we’ll buy MiFare Plus instead, but other than that, what’s the worry? But now it turns out that the problem may be far more troublesome than at first realised, because it turns out that the same technology (designed for mass transit) is being used by the Dutch government to secure access to important facilities:

…the Dutch Interior Ministry’s spokesman said this is “a national security issue,” since several government agencies there use the same technology to restrict access to their facilities.

It looks as if the researchers behind the MiFare crack have done Dutch citizens a big favour by alerting them to the inappropriate use of technology — MiFare Classic was designed for mass transit, not for identity cards and access control for sensitive facilities — before some bad guys do.
